package main

import (
	"crypto/tls"
	"crypto/x509"
	"io/ioutil"
	"net/http"
)

func main() {
	addr := "${gatewayhost}:8888"
	clientCert, err := tls.LoadX509KeyPair("client.pem", "client.key")
	if err != nil {
		panic(err)
	}

	trustedCert, err := ioutil.ReadFile("cacert.pem")
	if err != nil {
		panic(err)
	}

	certPool := x509.NewCertPool()
	if !certPool.AppendCertsFromPEM(trustedCert) {
		panic("AppendCertsFromPEM")
	}

	tlsConfig := &tls.Config{
		Certificates: []tls.Certificate{clientCert},
		RootCAs:      certPool,
		MinVersion:   tls.VersionTLS13,
		MaxVersion:   tls.VersionTLS13,
		ClientAuth:   tls.RequireAndVerifyClientCert,
		ServerName:   "100-65-128-172_v4_false_50053_.tcpproxy.com",
	}

	transport := &http.Transport{
		TLSClientConfig: tlsConfig,
	}

	client := &http.Client{
		Transport: transport,
	}
	url := "https://${gatewayhost}:8888/${pathprefix}/${apipath}"
	httpReq, err := http.NewRequest(yourmethod, url, yourbody)
	if err != nil {
		panic(err)
	}
	httpResp, err := client.Do(httpReq)
	if err != nil {
		panic(err)
	}
	defer httpResp.Body.Close()

}
